A vulnerability has been discovered and corrected in davfs2:
Davfs2, a filesystem client for WebDAV, calls the function system()
insecurely while is setuid root. This might allow a privilege
escalation (CVE-2013-4362).
[More...]